Initial commit - install hooks
This commit is contained in:
commit
4f38e93217
|
@ -0,0 +1 @@
|
|||
swift-proxy-relations
|
|
@ -0,0 +1 @@
|
|||
swift-proxy-relations
|
|
@ -0,0 +1 @@
|
|||
swift-proxy-relations
|
|
@ -0,0 +1,64 @@
|
|||
#!/bin/bash
|
||||
set -ue
|
||||
# For openssl cert generation
|
||||
COUNTRY="US"
|
||||
STATE="OR"
|
||||
LOCALE="Portland"
|
||||
COMMON_NAME="swift-proxy.ensemble-test.com"
|
||||
|
||||
DEFAULT_ETH=$(ip route | grep default | awk '{ print $5 }')
|
||||
IP=$(ifconfig $DEFAULT_ETH | grep 'inet addr' | awk '{ print $2 }' | cut -d: -f2)
|
||||
|
||||
# TODO: Need to use different addresses for internal swift traffic
|
||||
# as this the only security measure in place is network isolation
|
||||
PROXY_LOCAL_NET_IP=$IP
|
||||
|
||||
PACKAGES="swift swift-proxy memcached"
|
||||
|
||||
SWIFT_HASH_FILE="/var/lib/ensemble/swift-hash-path.conf"
|
||||
|
||||
# generate the swift hash to be used for salting URLs of objects.
|
||||
# TODO: its important this is never lost, find out some way of getting
|
||||
# it off the server and into a sys admins INBOX?
|
||||
if [[ ! -e $SWIFT_HASH_FILE ]] ; then
|
||||
echo "swift-proxy: Generating a new SWIFT_HASH in $SWIFT_HASH_FILE"
|
||||
echo $(od -t x8 -N 8 -A n </dev/random) >$SWIFT_HASH_FILE
|
||||
fi
|
||||
|
||||
function set_swift_hash {
|
||||
# TODO: Do this with augeas and put in a utility function for use elsewhere
|
||||
cat >/etc/swift/swift.conf <<EOF
|
||||
[swift-hash]
|
||||
# random unique string that can never change (DO NOT LOSE)
|
||||
swift_hash_path_suffix = `cat $SWIFT_HASH_FILE`
|
||||
EOF
|
||||
}
|
||||
|
||||
function create_proxy_conf {
|
||||
cat >/etc/swift/proxy-server.conf <<EOF
|
||||
[DEFAULT]
|
||||
cert_file = /etc/swift/cert.crt
|
||||
key_file = /etc/swift/cert.key
|
||||
bind_port = 8080
|
||||
workers = 8
|
||||
user = swift
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = healthcheck cache tempauth proxy-server
|
||||
|
||||
[app:proxy-server]
|
||||
use = egg:swift#proxy
|
||||
allow_account_management = true
|
||||
|
||||
[filter:tempauth]
|
||||
use = egg:swift#tempauth
|
||||
user_system_root = testpass .admin https://$PROXY_LOCAL_NET_IP:8080/v1/AUTH_system
|
||||
|
||||
[filter:healthcheck]
|
||||
use = egg:swift#healthcheck
|
||||
|
||||
[filter:cache]
|
||||
use = egg:swift#memcache
|
||||
memcache_servers = $PROXY_LOCAL_NET_IP:11211
|
||||
EOF
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
#!/bin/bash
|
||||
set -ue
|
||||
FORMULA_DIR=$(dirname $0)
|
||||
ARG0=${0##*/}
|
||||
|
||||
if [[ -e $FORMULA_DIR/swift-proxy-common ]] ; then
|
||||
. $FORMULA_DIR/swift-proxy-common
|
||||
else
|
||||
echo "ERROR: Could nto load swift-proxy-common from $FORMULA_DIR"
|
||||
fi
|
||||
|
||||
function install_hook {
|
||||
apt-get -y install $PACKAGES || exit 1
|
||||
[[ ! -d /etc/swift ]] && mkdir /etc/swift
|
||||
set_swift_hash || exit 1
|
||||
create_proxy_conf
|
||||
if [[ ! -e /etc/swift/cert.crt ]] ; then
|
||||
openssl req -new -x509 -nodes \
|
||||
-out /etc/swift/cert.crt \
|
||||
-keyout /etc/swift/cert.key \
|
||||
-subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
|
||||
fi
|
||||
perl -pi -e "s/-l 127.0.0.1/-l $PROXY_LOCAL_NET_IP/" /etc/memcached.conf
|
||||
service memcached restart
|
||||
}
|
||||
|
||||
case $ARG0 in
|
||||
"install") install_hook ;;
|
||||
"start"|"stop") exit 0 ;;
|
||||
esac
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
ensemble: formula
|
||||
name: swift-proxy
|
||||
revision: 7
|
||||
summary: "Swift proxy node"
|
||||
description: |
|
||||
Swift is a distributed virtual object store. This formula deploys the proxy node
|
||||
to be related to storage nodes.
|
||||
provides:
|
||||
proxy-node:
|
||||
interface: swift
|
||||
requires:
|
||||
storage-node:
|
||||
interface: swift
|
Loading…
Reference in New Issue